Qlogic 5800V Series User Manual page 171

Remote Address
Remote Port
Protocol
Peer
Action
Protection Desired
Lifetime Child
RekeyChild
Encryption
Integrity
DHGroup
Restrict
Removing a Policy Configuration
To remove an existing policy configuration:
1. On the Switch menu, click Network, and then click IPsecIKE Properties to
view the IKE Configuration dialog box
2. On the IKE Policy Database side, click the policy in the list to remove.
3. Click Remove.
4. Click OK to save the changes and exit the IKE Configuration dialog box, or
click Cancel to exit without saving any changes.
Editing a Policy Configuration
To edit an existing policy configuration:
1. On the Switch menu, click Network, and then click IPsecIKE Properties to
view the IKE Configuration dialog box
2. On the IKE Policy Database side, click the policy in the list to edit.
59266-01 B
Table 5-10. Create Policy Dialog Box Fields
Field
Available only when tunnel option is selected in Mode
drop-down. Must be an IPv4 or IPV6 address, with an optional
prefix length specifier of /n for switch to subnet policies.
Range between 1–65535
Options: icmp, icmp6, ip4, tcp, udp, any
The IKE peer to which this IKE policy applies
ipsec (only option)
Available only when transport option is selected in Mode
drop-down; esp (only option)
Range between 900–86400
Select or not
Options: null, 3des_cbc, aes_cbc_128, aes_cbc_192,
aes_cbc_256
Options: md5_96, sha1_96, sha2_256, aes_xcbc_96
Options: 1, 2, 5, 14, 24
If selected, IKE can create only child SAs with the selected
encryption/authentication algorithms. If not selected, child SAs
can be created for any algorithms the peers have in common.
5–Managing Switches
Configuring the Network
Description
(Figure 5-19).
(Figure 5-19).
5-47